The hottest Encryption Substack posts right now

And their main takeaways

The Ethics of Cybersecurity

Rod’s Blog • 615 implied HN points • 17 Jan 24

Cybersecurity is crucial for protecting personal information, financial assets, intellectual property, critical infrastructure, and national security.
Ethical considerations in cybersecurity include principles like confidentiality, integrity, availability, and justice.
Balancing security and privacy involves strategies like risk-based approaches, data minimization, using encryption, respecting privacy rights, and staying informed about cybersecurity trends.

Standards Body Considers Uncloaking Secret Encryption Algorithms

Zero Day • 659 implied HN points • 11 Oct 23

🕹 Technology Security Encryption Standards Algorithms

European standards body may make new encryption algorithms public due to backlash over secrecy.
Previously kept secret algorithms had major flaws, prompting consideration for greater transparency.
Independent researchers found vulnerabilities, including intentional backdoors, in old encryption algorithms in use for over 25 years.

Who can you trust?

Glenn’s Substack • 1395 implied HN points • 07 Apr 23

🕹 Technology AI Deepfakes Encryption

Questioning the trustworthiness of audio, video, and photographs due to the rise of deepfakes.
Historically, relying on human witnesses has been essential in situations where visual evidence is questionable.
Considering the utilization of specially trained observers, similar to Heinlein's concept of Fair Witnesses, to navigate the challenges of trust in evidence.

Best Infosec-Related Long Reads for the Week of 1/27/24

Metacurity • 19 implied HN points • 03 Feb 24

🕹 Technology Privacy Encryption Cybersecurity Internet

Client-side scanning is not a secure solution to law enforcement encryption needs.
The amount of satellite surveillance data is expected to increase significantly.
Deepfake technology, like Taylor Swift deepfakes, is likely to impact the internet.

Private Messages Not Allowed

Stove Top • 157 implied HN points • 02 Jun 23

🕹 Technology Privacy Immigration Memes AI Encryption

Privacy is essential - end-to-end encryption protects it
Immigration is vital for economic growth and innovation
Memes are powerful tools for online engagement and audience growth

Get a weekly roundup of the best Substack posts, by hacker news affinity:

Beyond the Padlock 🔒: Demystifying TLS - Part 1

Lost In Abstractions • 1 HN point • 11 Apr 24

🕹 Technology Security Encryption Networking

TLS encryption involves various components like digital certificates, public key cryptography, symmetric key encryption, and cipher suites.
A TLS handshake process includes agreeing on a cipher suite, server authentication, session key exchange, and establishing a secure connection.
Version differences in TLS, such as TLS 1.2 and TLS 1.3, impact the handshake process, with features like forward secrecy in 1.2 and shorter handshakes in 1.3.

Encryption bans are doomed

Nick Merrill • 58 implied HN points • 07 Jul 23

🕹 Technology Data security Cryptography Privacy Concerns Encryption

Steganography hides the fact that secret communication is occurring.
Perfect steganography can make encryption bans impractical.
Regulators may shift focus to controlling endpoints for monitoring content and speech.

TechLetters #128 - breaking 256b encrypted communication systems. Facebook got a GDPR fine. Cookie lifetime limit.

Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique • 58 implied HN points • 29 May 23

🕹 Technology Security Privacy Data Protection Encryption Cybersecurity

Motorola's 256-bit encryption system may have security vulnerabilities.
Facebook faced a record GDPR fine, risking shutdown in Europe.
Web browser cookies now have a maximum lifespan of 400 days.

Oracle-based Conditional payments on Bitcoin

LN Markets’ Newsletter • 58 implied HN points • 16 May 23

🕹 Technology Cryptocurrency Bitcoin Encryption

Oracle-based Conditional payments introduce a new way to handle conditional payments on Bitcoin by using oracles to attest to real-world events, allowing contracting parties to claim funds based on these attestations.
Conditional payments rely on a third party for attestation, but in Oracle-based payments, the third party only attests events and does not execute contracts, improving security and trust in the process.
Verifiable witness encryption plays a crucial role in setting up Oracle-based Conditional payments, ensuring that contracting parties can trust the oracle's attestations and claim funds accordingly.

Five Links - May 2023

Five Links (and three graphs) by Auren Hoffman • 56 implied HN points • 05 May 23

🕹 Technology Cybersecurity Encryption Digital Security Venture Capital

Dual Threat CEOs perform better than traditional fund managers.
Queens were historically more likely to wage war than kings.
Unpartnered adults in the U.S. experience different social and economic outcomes.

Why 8(to)7 encryption is snake-oil

Cybersect • 39 implied HN points • 28 May 23

🕹 Technology Crypto Encryption Algorithms Cybersecurity Innovation

People often invent new encryption algorithms without solid evidence of effectiveness.
Be cautious of encryption claims that use buzzwords and make unreasonable promises.
It's important to seek technical explanations and benchmarks to evaluate the validity of encryption algorithms.

Attested-enclave networks

Gray Mirror • 33 implied HN points • 10 Jun 23

🕹 Technology Security Networking Operating Systems Encryption Software

An attested network is like a governed network where every app is like its own government.
Network attestation enhances security by allowing nodes to verify the software running on other nodes.
In an attested network, applications can enforce security measures like expiring messages to prevent unauthorized access.

The .zip domains are a good idea

Cybersect • 19 implied HN points • 12 May 23

🕹 Technology Cybersecurity Internet Innovation Encryption

Google offering .zip domains sparked outrage in the cybersec community.
Intolerance for security issues can lead to positive changes in cybersecurity practices.
Challenging the status quo in cybersecurity can drive improvements over time.

Interview with the ETSI Standards Organization That Created TETRA "Backdoor"

Zero Day • 7 HN points • 25 Jul 23

🕹 Technology Cybersecurity Communication Encryption Vulnerabilities

TETRA radio communication technology used by police and critical infrastructure was found to have a backdoor, reducing encryption strength.
Keeping encryption algorithms secret can hinder security, as seen in the TETRA case where a deliberate weakness was discovered.
ETSI created new secret algorithms to address vulnerabilities, but the debate continues on whether secrecy is the best approach for security.

Secure Enclaves

Why Now • 5 implied HN points • 03 Apr 23

🕹 Technology Cybersecurity Encryption Cloud Computing Data security Hardware

Security is a key area for innovation with a focus on problem-solving and wedging opportunities against incumbents
Encrypting data in-use is a challenge in cybersecurity, with solutions like homomorphic encryption and secure enclaves emerging
Secure Enclaves are highly-controlled environments that validate code execution cryptographically, offering a way to protect data in-use

Fact Check: the UK and its Online Safety Bill

untidy • 4 HN points • 12 Mar 23

🕹 Technology Encryption Government Control Privacy Security

The UK Online Safety Bill has been heavily debated and altered since its introduction in 2021.
The bill does not ban end-to-end encryption but forces technology companies to compromise security for oversight.
Debate around the bill should focus on the impacts on privacy and safety for both children and adults.

#48: The Very Simple e/acc Thesis

On the Waterfront • 3 HN points • 13 Feb 23

🕹 Technology Artificial Intelligence Computing Encryption Cybersecurity

Technological progress is rapidly increasing computational power available to humanity.
Advancements in AI heavily rely on the abundance of computational resources.
AI will become more accessible and difficult to control or contain as technology progresses.

RISC-V Vector Cryptography Extension (2/2)

Fprox’s Substack • 0 implied HN points • 20 Feb 23

🕹 Technology Cryptocurrency Hardware Security Software Encryption

There are new instructions for hash functions like SHA-2 and SM3 in the RISC-V vector cryptography extension.
The Zvkb extension includes instructions for bit manipulation like bit and byte reversal, vector rotations, and carry-less multiplication.
The vector cryptography extensions have specific encodings within the opcode spaces, making them incompatible with certain future extensions.

How E2E Encryption works it magic? + Signal Protocol

The ZenMode • 0 implied HN points • 25 Feb 24

🕹 Technology Encryption Algorithms Messaging Cryptography Security

Encryption is like a secret code that keeps your information safe and private using algorithms and keys.
End-to-end encryption ensures that only the sender and recipient can access and read messages, offering a high level of security and privacy.
Signal Protocol, with features like the Double Ratchet Algorithm, is widely used in popular messaging apps to provide strong security for user communications.

iOS and macOS should offer higher opt-in security

Kartick’s Blog • 0 implied HN points • 17 Mar 23

🕹 Technology Security Privacy Software Encryption

iOS and macOS are already secure platforms, but not all security enhancements are suitable for all users.
Apple should allow users to opt-in for higher security settings to enhance protection.
Offering different levels of security options can cater to users with varying security needs and push the industry towards better security practices.

Don't Get Hacked! Top Security Essentials for Software Developers

Brain Bytes • 0 implied HN points • 04 Oct 23

🕹 Technology Security Encryption Data Protection Cybersecurity

Security in software development is crucial to protect applications and users from sophisticated cyber-attacks.
Implement HTTPS encryption to safeguard data transmitted between the user's browser and the server.
Protect user data by employing hashing and encryption methods, such as bcrypt, to secure passwords, thus preventing unauthorized access.

Give Me E2EE or Give Me Death

Seriously Risky Business • 0 implied HN points • 02 Mar 23

🕹 Technology Data security Cybersecurity Legislation Encryption Policy

Signal is ready to withdraw if forced to weaken encryption for the UK's Online Safety Bill
Regulators are considering shifting liability to software companies for security vulnerabilities
The US government emphasizes transparency in cybersecurity over shifting liability

The future of instant messaging

Venture Prose • 0 implied HN points • 15 Feb 23

🕹 Technology Messaging Privacy Features Application Encryption

Consider managing instant messaging notifications to avoid being overwhelmed by distractions.
Roze is a messaging app that prioritizes privacy, allowing users to have control over their conversations and notifications.
Roze offers various features like end-to-end encryption, customizable settings, and intimate messaging spaces for specific groups of contacts.

The Intimacies of Mechanical Things

Cybernetic Forests • 0 implied HN points • 11 Dec 22

🎨 Art & Illustration Poetry Mixed Media Encryption Digital Art

Bani Haykal's work explores human-machine intimacies through interfaces, poetry, and sound, using a mechanical keyboard to encrypt text into languages like Jawi and MIDI values, creating encoded poetry and sound work.
The encryption process in Bani's work is influenced by historical instances like the crypto-Muslim practice during the Spanish Inquisition, showcasing how encryption embodies privacy and secrecy in different cultures.
Bani's exploration of intimacy with devices like mechanical keyboards goes beyond physical proximity to consider transformation and blending, reflecting on how human-machine relationships impact us and our environments.